As the Owner, President and CEO of KAI, my role is to set the strategic direction for the company overall and to ensure that the company is in alignment with current and future information technology trends, both on the IT services side as well as the product development arena. I have full profit and loss responsibility for the company. I am also responsible for the establishment of key client and partner/vendor relationships that assist Knowledge Analytics Inc. to achieve exceptional outcomes for our stakeholders.I also continue to provide SME support services for our customers to assist them with overcoming highly complex challenges through innovative approaches.Examples of the services I provide for our clients as needed include cloud integration and governance, security compliance and architecture automation, analytical services for a variety of use cases and overarching enterprise/system architecture. I also served as the Chief Security Scientist for a large Government agency responsible for developing innovations in the cyber security and privacy domains. I am a proven expert in all things cyber security and also have deep proficiency in cloud integration and data analytics.

I had responsibility for technology innovation and business development for Business Integra in this role. In the 2 years and 8 months I was responsible for winning and managing the delivery of over $80M in new cybersecurity business developing this cyber line of business from scratch. I was also a key participant in winning another IT service support contract with a large federal agency worth $225M.In my delivery role, I served as the Lead Enterprise Security Architect on the CMS (DECC) program, a $350M+ transformation effort. I had responsibility for overseeing everything from security architecture to compliance and serving as the client POC for security architecture topics across the entire program. Examples of the enterprise security components I was responsible for deploying in support of DECC included a fully functioning XML Gateway, an Identity Federation service for obtaining identity information from legacy authoritative sources built on SAML 2.0, course and fine-grained authorization services, a custom antivirus enterprise service, an enterprise error/exception handling service, vulnerability management services at all tiers of the architecture, enterprise directory services, web service security, audit logging & event correlation, host & network intrusion detection integration and the CMS NwHIN gateway security service.

Mr. McKim was a second-line manager (also referred to as a manager of other managers) within the IBM Global Business Services leadership structure at the Associate Partner level. In his combined tenure at IBM, Mr. McKim was a major contributor to business development, having been instrumental in bringing in over $550M worth of new business to IBM GBS. He also served as the Lead Security & Integration Architect for the Immigration Transformation system. In this role, Mr. McKim has full responsibility for designing and deploying the security and privacy architecture for a large ($500M+) enterprise Service Oriented Architecture (SOA) environment that will streamline the processing and availability of information for the US Citizenship & Immigration Services (USCIS) agency. Mr. McKim leads a large team of security architects, engineers and developers to mobilize the architecture he created as a part of the initial bid for this work in the proposal phase. The components of the security architecture include federated identity management, automated compliance monitoring, internal and external encryption, privacy policy establishment and enforcement, Role Based Access Control (RBAC), data extrusion/leakage protection, an authentication web service to add additional coverage than what TIM/TAM is providing, intrusion detection (host/network), and message security through the Datapower XML security appliance. Mr. McKim’s team is also responsible for rationalizing/engineering all security and privacy requirements as a part of system design.

I was responsible for embedding an information security governance structure for Freddie Mac at both the corporate and division levels. I created security artifacts at the corporate level of Freddie Mac like an IT Security Charter, IT Security Organization Structure, and IT Security Roles and Responsibilities as called for in the CobiT® DS5.1 control objective. I also created artifacts at the IT level pertaining to information security which included a network security standard, a standard on application controls, an incident definition standard, a surveillance/monitoring/testing standard, and a standard on identity management.For the Air Force TMOS program ($2.4B), I served as the Lead Information Assurance (IA) and Systems Management Architect where I created a robust enclave security architecture for passing data from TS, S, and SBU enclaves between each other without revealing data of a higher classification to enclaves with a lower classification (High Side/Low Side interaction). To properly perform these tasks, I worked with the global program teams from Lockheed Martin and the internal IBM team to ensure that the system IA and systems management architecture properly reflected the Infrastructure constraints, needs, and opportunities associated with Service Oriented Architecture (SOA) as well as the design implications of the process/policy/regulatory requirements established by the Department of Defense that directly applies to IBM’s development of common services and the TMOS Enterprise Service Bus (ESB). During my tenure with TMOS, the program was selected as the 2008 Aviation Week Excellence for Start Up Programs award winner.In addition, I created the security architecture for the winning USCIS Transformation project, a $500M SOA transformation engagement. After getting the award, I assumed the role of Lead Enterprise Security Architect on the USCIS Transformation project in late 2008.

I was responsible for creating an information assurance architecture for the Booz Allen Hamilton proposal solution for managed services related to the NCES SOA Foundation (SOAF). Some of the key pieces of the solution included local policy and identity stores, policy decision and enforcement points set up through the security appliance Dataguard, session confidentiality, message security (WS-Security), and data labeling.In addition, I was tasked with looking at an architecture for a proposed SOA solution to determine if the preliminary design aligned with the net-centric model the DoD community is transitioning to. I used guidance including the Net-Readiness Key Performance Parameter (NR-KPP) and the Net-Centric Operations and Warfare Reference Model (NCOW-RM) to provide a comprehensive assessment and offer solid recommendations to achieve net-centric compliance for the JBFSA CSDS initiative.

I was responsible for providing TSA with guidance on how they could build security into their proposed SOA, the Information Sharing Environment (ISE). The major task for me was to create a security guidebook for TSA that was made up of the following components; a SOA security & privacy strategy, a conceptual security architecture for SOA, a measurements framework for assessing the performance of security controls in the SOA, and the identification of rationalized security requirements. I was also responsible for addressing the ability to achieve federation between TSA’s ISE security architecture and the DHS SOA security architecture. As a result of the work I performed on this engagement, I was named the overall SOA security point of contact for the Security & Privacy Services (SPS) group within the federal AERS practice.In addition, I was responsible for researching and evaluating the security posture of the Oracle 9i/10g and DB2 database platforms for the Social Security Administration's Title 2 system. I made recommendations as to how SSA could best meet industry requirements and tighten security at the same time. I was responsible for evaluating SSA’s Oracle and DB2 risk models to determine if there were any weaknesses present or candidate enhancements to their processes.

I was responsible for implementing and maintaining the Medicare HIGLAS security architecture. These tasks included but were not limited to firewall updates & maintenance, system security health checks (on security safeguards and countermeasures in place), System Testing & Evaluation (ST&E), vulnerability mitigation, network scans, IDS investigation & resolution, connectivity set up & maintenance, and Security Operations status reporting. As this role was a client facing role, I was required to interface with upper level CMS management, representing IBM. HIGLAS is still the largest Oracle Financials installation in the world, and was necessary to incorporate a layered security approach that addressed all layers of security for such a complex system (ex. Application Security, Network Security, Physical Security, Access Control, Code Reviews, etc.).After the CMS engagement went into full blown production, I served as the lead Infrastructure Information Assurance (IA) and Systems Management Architect for the Air Force’s TMOS system. I was responsible for the implementation of the IA framework, identification of candidate IA services, supporting infrastructure trade studies, and other work associated with the broad Infrastructure team responsibility. To properly perform these tasks, I worked with the global IA team from Lockheed Martin to ensure that the system IA architecture properly reflected the Infrastructure constraints, needs, and opportunities associated with Service Oriented Architecture (SOA) as well as the design implications of the process/policy/regulatory requirements established by the Department of Defense that directly applied to IBM’s development of common services and the TMOS Enterprise Service Bus (ESB).

In this role I worked at both the Personnel Support Detachment (PSD) at Bolling Air Force Base and the USS Enterprise aircraft carrier. I was responsible for working in the DFAS accounting system to ensure all pay transactions and entitlements were processed for service men and women in my jurisdiction.